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NetStorage Administration Guide 


This guide includes information on Novell® NetStorage. NetStorage provides secure Internet- 
based access to files and folders on a NetWare® server in your network using either a browser or 
Microsoft* Web Folders. 


The following topics are included in this documentation: 
* Chapter 1, “NetStorage Overview,” on page 5 
* Chapter 2, “Installing NetStorage,” on page 9 
* Chapter 3, “Administering NetStorage,” on page 13 
* Chapter 5, “Accessing NetStorage,” on page 21 


Documentation Conventions 


In this documentation, a greater-than symbol (>) is used to separate actions within a step and items 
within a cross-reference path. 


A trademark symbol @, TM, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party 
trademark. 
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NetStorage Overview 


Novell® NetStorage provides secure Internet-based access to files and folders on a NetWare® 
server in your network using either a browser or Microsoft” Web Folders (Microsoft’s 
implementation of WebDAV). NetStorage authentication relies on the power of eDirectory™ to 
provide secure access, so Internet-based access is as secure as accessing files from within the 
network. 


Novell NetStorage includes the following benefits: 


+ Lets users securely copy, move, rename, delete, read, and write files between any Internet- 
enabled machine and a NetWare server on your network. 


* Eliminates the need to use a virtual private network (VPN) client to access files. 
+ Eliminates the need to e-mail or copy data from one machine to another. 
* Supports Internet standards such as HTTP, HTTPS, HTML, XML, and WebDAV. 


* Supports the use of drive mappings that users are accustomed to when they log in using the 
Novell Client™ (see“What Users See When They Access NetStorage” on page 6). 


* Supports access to users’ Novell iFolder® accounts. 


* Provides access to network files and folders via NetWare WebAccess, Novell iFolder, and 
Novell exteNd Director™ 4.1 Standard Edition. 


With NetStorage installed on one NetWare 6.5 server, users can potentially have access to any 
NetWare 5 or later server anywhere on your geographically dispersed network. 


How NetStorage Works 


NetStorage is installed on one NetWare 6.5 server that acts as a Middle Tier (also known as XTier) 
server. Middle Tier server configuration information is stored in the NetWare registry and Novell 
iManager provides an easy method for changing Middle Tier server registry entries. Xtier is 
Novell’s Web services framework and is used by various Novell products. 


NOTE: Previous versions of NetStorage were administered using the NSAdmin utility. Configuration should 
now be completed using Novell iManager. 


After the Middle Tier server is set up, it appears as an Internet Web server to users and can be 
accessed either with a Web browser or with Microsoft’s Web Folders. NetStorage also provides a 
gadget that provides access through Novell exteNd Director 4.1 Standard Edition. 


Description: NetStorage overview 
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Back-end protected Front-end Internet 


Novell Portal 
Services (NPS) 






Workstation using 
a Browser or 
Web Folders 


asa File Lg 


Novell NetStorage Firewall 
Web Server 
with Xtier 
Novell 9 Server 
(can be outside 
the firewall) 


The Middle Tier server communicates with the Novell file servers in the network and provides 
secure authentication using eDirectory and the users’ usernames and passwords. NetStorage also 
provides secure access to files that users have access located on Novell iFolder servers. 

NOTE: Users must have their iFolder user accounts enabled through the iFolder server in order to access their 
files stored in iFolder using NetStorage. You must also enable the ability for users to set iFolder passphrases 


in NetStorage. For more information on iFolder, see the Novell iFolder 2.1 online documentation (http:// 
www.novell.com/documentation/Ig/ifolder21/index.html). 


iFolder 2.1 does not support 56-bit encryption. If you are using 56-bit encryption, you must use iFolder 1.03. 


All transactions can also be encrypted to increase the security using SSL. Novell iFolder 
transactions are secured using the iFolder encryption mechanism. 


For more detailed information on creating and using login scripts, see the online Novell Login 
Script Guide (http://www.novell.com/documentation/lg/noclienu/index.html?page=/ 
documentation/lg/noclienw/login/data/front.htm]). 
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The NetStorage Web page displays the network files and folders currently accessible for each user. 
NetStorage reads the user’s login script to determine drive mappings, reads eDirectory User object 
properties to determine the path to the user’s home directory, reads the user’s Novell iFolder 
account, then displays a list of files and folders based on the mapped drives, home directories, and 
iFolder account. 


NetStorage reads the container, profile, and user login scripts only from the primary eDirectory 
server specified during the installation and displays the user’s drive mappings based only on those 
login scripts. However, because login scripts were designed to be processed by the Novell Client 
on the user's workstation, NetStorage processes only a subset of the login script functions. 


HINT: If you specified alternate IP addresses or DNS names of servers in other eDirectory trees during the 
NetStorage installation, NetStorage reads the User object properties in the other eDirectory trees and displays 
those home directories also. This is useful if a user normally logs in to more than one eDirectory tree and you 
want that user to have access to additional home directories in different eDirectory trees using NetStorage. 
The User object name must be the same for each eDirectory tree. 


NetStorage processes login scripts in order to find MAP statements. Each MAP statement defines 
a NetWare file system storage resource that the user will be able to access using NetStorage. IF, 
ELSE, END, INCLUDE, and EXIT commands are also recognized by NetStorage. All other login 
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script statements are treated as comments and ignored. Finally, login script variables are also 
recognized. Variables are preceeded by a percent sign (%). 


Users might have specific eDirectory rights to certain files and folders on your network but will 

not be able to access those files and folders using NetStorage unless login script drive mappings 

exist to those folders or the files and folders are in the user’s home directory. If you want to provide 
users with NetStorage access to a specific folder, you might have to add a drive mapping command 
to that folder in a login script (container, profile, or user). 


What’s Next 


For more information on installing Netstorage, see Chapter 2, “Installing NetStorage,” on page 9. 


Once you have installed NetStorage, you can administer settings. See Chapter 3, “Administering 
NetStorage,” on page 13. 


If you need to troubleshoot issues with NetStorage, see Chapter 4, “Troubleshooting NetStorage,” 
on page 19. 


If you need to provide users with information on how to use NetStorage, see Chapter 5, “Accessing 
NetStorage,” on page 21. 
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Installing NetStorage 


NetStorage can be installed as an optional component during the Custom NetWare® 6.5 
installation or it can be installed after the installation. For most networks, you need NetStorage 
installed on only one server; however, this might vary depending size and your organization’s 
needs. For example, if you are running in a clustered environment, you must install NetStorage on 
every node in the cluster with the exact same configuration. Or, if your company is geographically 
dispersed, you might want to install NetStorage on one server in each geographic region. 


During the NetStorage installation, you are prompted for configuration information that is 
necessary for NetStorage to function properly. If you change the NetStorage configuration later, 
you must either reinstall or use Novell® iManager to change the configuration. For more 
information on iManager, see Chapter 3, “Administering NetStorage,” on page 13. 


Requirements 


In addition to meeting the requirements for NetWare 6.5, NetStorage requires the following: 


O Server Requirements: At least one NetWare 6.5 server in the eDirectory™ tree where 
NetStorage will be installed. 


An eDirectory replica is not required to be on the same server where NetStorage is installed. 


IMPORTANT: In order to avoid time issues, this server must have time set correctly according to your 
network specifications. If time is not set, workstations might not be able to access files. 


O Workstation Requirements: Netscape* Navigator* 4.7 or later, Internet Explorer 5.5 or 
later, or Microsoft Web Folders. 


Installing Novell NetStorage during the NetWare 6.5 Installation 
1 Start the NetWare 6.5 installation (either Express or Custom) and continue until you get to the 
screen requiring you to choose component options. 


The NetWare 6.5 installation includes several steps not described here because they do not 
directly relate to this installation. For more detailed instructions on the installation, see 
"Installing the Software" in the NetWare 6.5 Overview and Installation Guide. 


2 When the Choose a Solution screen appears, select Custom NetWare and then click Next. 
You can also install other products during this installation. 


Continue through the installation until you get to the screen that lists the components that can 
be installed. 


3 In the Components screen, check NetStorage Component, Apache 2 Web server, and 
iManager check boxes, along with the other components you want installed with NetWare 6.5, 
and then click Next. 
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Continue with the installation process. 


When you reach the NetStorage Install screen, specify the IP address or registered DNS name 
of a server in your eDirectory tree that has the master replica or a read/write replica of 
eDirectory. 


The primary eDirectory server URL is required for NetStorage to function properly. This does 
not necessarily have to be the IP address or DNS name of the server where NetStorage is to 
be installed. 


When a user attempts to log in, NetStorage searches the eDirectory database on the server you 
specify for the User object. If the User object is found, NetStorage attempts to authenticate 
the user to eDirectory. 


If you know the eDirectory context for the users that will use NetStorage, you can add that 
context to the URL by inserting a colon (:) between the IP address or DNS name and the 
eDirectory context. The context is optional. Ifno context is specified, NetStorage searches the 
entire eDirectory tree on the primary eDirectory server for User objects. 


For example, if the IP address of the server is 127.0.0.1 and the eDirectory context for your 
users is personnel, then you would add 127.0.0.1:personnel to the field. 


(Optional) Specify IP addresses or DNS names of servers in other eDirectory trees that have 
at least read/write eDirectory replicas, or specify the same IP address or DNS name you used 
for the primary eDirectory server but with a different context. 


You can add two alternate eDirectory server IP addresses or DNS names and context settings. 
These alternate settings are used to allow NetStorage to find User objects that exist in contexts 
other than what you specified for the primary eDirectory server. The alternate settings also 
allow NetStorage to find User objects with the same name in different eDirectory trees. 
Although the alternate URL and context settings are optional, they can help provide an 
additional level of access to NetStorage. 


(Optional) Specify the IP address or DNS name and the port number that you assigned to 
Novell iFolder®. 


The iFolder DNS name or IP address and the port number are optional but, if specified, will 
allow NetStorage users to access and manipulate files and directories in their iFolder directory 
on the iFolder server. 


Users must have their iFolder user accounts enabled through the iFolder server in order to 
access their files stored in iFolder using NetStorage. You must also enable the ability for users 
to set iFolder passphrases in NetStorage. For more information on iFolder, see the Novell 
iFolder 2.1 online documentation (http://www.novell.com/documentation/lg/ifolder21/ 
index.html). 


HINT: If you are installing NetStorage during the NetWare 6.5 installation, you can click the Back button 
to go back and view the screen where the IP address and port number assignments were made. This 
does not necessarily have to be the IP address or DNS name of the server where NetStorage is to be 
installed. 


(Conditional) If you are running in a clustered environment, install NetStorage on every node 
in the cluster using the exact same configuration used on the first server. 


The default configuration for Apache2 on NetWare 6.5 is to listen on all IP addresses. This is 
done with a Listen directive in sys:\Apache2\conf\httpd.conf that only specifies a port and 
doesn't have a specific IP address. If you have modified the default configuration to listen on 
a specific IP address, and you want the server to be a part of a cluster, you should either 
remove the specific IP address or add another Listen directive that does not specify an IP 
address so that Apache? listens on all IP addresses. 
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After you install NetStorage, it will start automatically when you start your NetWare 6.5 server. If 
NetStorage is not accessible, restart the NetWare 6.5 server where NetStorage is installed. 


Installing Novell NetStorage after the NetWare 6.5 Installation 
If you did not install NetStorage during the NetWare 6.5 installation, you can install it later by 
completing the following steps: 
1 Insert the NetWare 6.5 Products CD into your NetWare 6.5 server. 
You might need to load cdrom.nlm on the server to access this CD. 
From the Novell menu on the NetWare 6.5 console GUI, select Install. 
Click Add, then browse to the root of the NetWare 6.5 Products CD. 
Select the product.ni file, then click OK. 


a fa WO N 


Check the NetStorage, Apache, and iManager check boxes and deselect all other components 
or products unless you specifically want to install them. 


6 Go to Step 4 on page 10 to complete the NetStorage installation. 
7 Restart the NetWare 6.5 server. 


After you install NetStorage, it will start automatically when you start your NetWare 6.5 server. If 
NetStorage does not start automatically, restart the NetWare 6.5 server where NetStorage is 
installed. 


What’s Next 


After you have installed NetStorage, inform users that they can access their files from the Web. 
Instructions for accessing files using NetStorage are available in Chapter 5, “Accessing 
NetStorage,” on page 21. 


If you need to change the NetStorage configuration, use iManager. See Chapter 3, “Administering 
NetStorage,” on page 13. 
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Administering NetStorage 


You can change your NetStorage configuration after NetStorage has been installed ona NetWare® 
server (known as the Middle Tier or XTier server) using Novell® iManager. NetStorage 
configuration information is stored in the NetWare registry and iManager provides an easy method 
for changing NetStorage registry entries. iManager requires Internet Explorer 5 or later. 


If you are running in a clustered environment, any registry changes made to one node in the cluster 
must be made to the registry of each node in the cluster. After you have made a change to one node, 
run iManager on each node in the cluster and make the same changes. 


IMPORTANT: After changing any settings you must reboot your NetWare server or restart Apache Web 
server. To restart Apache Web server, at the server console, enter Ap2WebDn to stop the Web server and then 
enter Ap2Webup to restart the Web server. 


Using iManager to Administer NetStorage 


1 Start Internet Explorer 5 or later and enter the URL for iManager. 


The URL is http://server_ip_address/nps/imanager.html. Replace server_ip_address with the 
IP address or DNS name of the NetWare 6.5 server running NetStorage or the IP address for 
Apache-based services. 


The date and time on the workstation being used to access NetStorage should be reasonably 
close (within a few hours) to the date and time on the server running NetStorage to avoid 
conflicts. 


2 Enter your username and password. 
3 In the left column, locate the NetStorage configuration options you want to change. 


iManager displays a list of links in the left column that are used to access the various pages 
for editing and viewing NetStorage configuration information in the NetWare registry. For 
more information on each setting, click Help or see “Understanding the NetStorage 
Configuration Settings” on page 14. 


4 Make the necessary configuration changes. 


Description: NetStorage page in iManager 
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File Edit View Favorites Tools Help 












































User: admin 


(© Roles and Tasks 








+] FTP Management 
+] Group Management 
+] Help Desk Management 


[+] Install and Upgrade 








+ iPrint Management 
=] LDAP Management 


[+] License Management 


El NetStorage Administration Name 


Authentication Domains 
Current Sessions 
General 

iFolder Storage Provider 


eDirectory Maintenance Utilities 


Location Default 


A Value | 


Home 


ame REG_SZ XTiericonfigurationtmapdav Home@ |Home@ 


Drive 


iame REG_SZ XTier\Configuration\mapday Drive@ |Drive@ 


Debug 


Leva REG_DWORD XTier\Configurationimapday O 


Public Dir 


REG_SZ xTier\Configuration\mapday 
Name 


Alt T A n a 
ree REG_SZ xTier\Configuration\mapday 


Container 
Search REG_DWORD XTier\Configuration\mapday 1 
Height 


i Hom i i 7 
eg nr Ome REG_DWORD XTier\Configurationimapdav 1 


Resource Usage 
Statistics 
WebDav Provider 





NetWare Product Usage 








NFAU Management 














NMAS Management 








Dirs 
Check 


MAP REG_DWORD XTier\Configurationimapday O 
Drives 


SES) 


5 (Conditional) If you are running in a clustered environment, run ¡Manager on each node in the 
cluster and make the same changes. 


Understanding the NetStorage Configuration Settings 


This section includes information on all configuration settings that can be set. The settings are 
organized according to the link in the left column that they appear under. This information is also 
available if you click Help. 


General 
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Settings 


Proxy Username and 
Proxy Password 


Location 





Description 


The admin username and password that you entered when you installed your 
NetWare server. If you want the Middle Tier Server to use a different username 
and password for administrator access, specify them in the fields provided. 


If you click the Set Defaults button, the value will be set to whatever value appears 
in the Default Value column. If there is no value in the Default Value column, the 
value will be set to blank (no value). 


The registered location you want users to enter as part of the NetStorage URL to 
access NetStorage. The default is oneNet. 


If you change this registry setting, you must also edit the netstorage\xsrv.conf file 
and change the /oneNet setting in the Location section (first section) to the same 
setting you specified in iManager. 
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Settings 


Certificate Name 


Session Timeout 


Debug Level 
Janitorial Level 


Persistent Cookies 


LDAP Port 


Authentication Domains 


Description 


The default certificate name created automatically during the NetStorage 
installation is Netldentity. If you purchased a certificate that you want to use, or if 
you just want to use a different certificate, type the certificate name in this field. 


Any certificates used by NetStorage should reside in the same eDirectory™ 
context. 


The amount of time (in seconds) that the session will remain idle before it is 
terminated. If there is no NetStorage activity for this amount of time, the user will 
be required to log in again to NetStorage before being allowed file access. 


This setting should not be changed except under direction from Novell. 
This setting should not be changed except under direction from Novell. 


This setting can be turned either on or off. With the value set to 0, Persistent 
Cookies is turned off. Persistent Cookies is turned on (the default) if there is no 
value or if the value is set to anything other than 0. 


With Persistent Cookies turned off, the NetStorage session will end when the user 
closes the current browser or Web folder. Also, if the user has a current instance 
of NetStorage up in a browser window or Web folder and starts up a new browser 
instance or Web folder, the user will be required to reauthenticate. 


Turning off Persistent Cookies can be beneficial if you have workstations that are 
shared. As long as the browser instance is closed down, the next user of the 
workstation cannot accidently or intentionally obtain access to your network 
through NetStorage. 


Leaving Persistent Cookies turned on can be beneficial if your workstations are not 
shared because it prevents users from having to unnecessarily re-authenticate. 


If the user selects the Logout option in NetStorage, the NetStorage session will end 
regardless of whether Persistent Cookies is turned on or off. 


Lets you change the LDAP port number if there is a conflict between Active 
Directory and eDirectory for LDAP requests. 


This conflict exists because the backend is acting as a domain controller, which 
has Active Directory installed on it. The conflict is created by both eDirectory and 
Active Directory attempting to use the same default port (number 389). Active 
Directory normally wins the conflict. The Proxy User object type exists in eDirectory 
but not in Active Directory. Because of this, when the Middle Tier server tries to 
bind as a Proxy User, the bind attempt fails. This is also the reason LDAP lookups 
fail. 


Lets you change or add the eDirectory server URLs and contexts that are required by NetStorage. 
This page also lets you change the eDirectory server that is designated as the Primary. See 
“Installing Novell NetStorage during the NetWare 6.5 Installation” on page 9 for more information 
about eDirectory server URLs and contexts. 


Settings 
Add Domain 


Make Primary 


Description 
Adds another eDirectory server IP addresses or DNS name. 


Makes the eDirectory server URL listed above the button the Primary. 
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Settings Description 


Remove Domain Removes the eDirectory server URL from the list of URLs used by NetStorage. 
Remove Context Removes the context (if there is one) from the eDirectory server URL. 

Add Context Adds a context to the eDirectory server URL. 

Add Host Lets you list additional hosts for an Authentication Domain. Clicking the Add Hosts 


button lets you create a list of alternative hosts for the domain. 


If the Middle Tier server cannot reach the host specified in the domain, it will search 
the Other Hosts list specified in the Value field to find another server to use for 
authentication. Specify DNS names or IP addresses of alternate servers, 
separated by a comma delimiter, in the Value field. 


For example, you could enter a string similar to the following: 


Middletier.boston.digitalair.com,Middletierl.boston.digitia 
lair.com 


or 


111.22.33.4,111.22.33.41 


WebDAV Provider 


Settings Description 


Monkier The location of the NetStorage WebDAV provider (xdav.nlm). It is the location you 
want users to specify as part of the NetStorage URL to access NetStorage. The 
default is NetStorage. 


Template Directory The directory for the HTML interface. This setting should not be changed except 
under direction from Novell. 


Debug Level This setting should not be changed except under direction from Novell. 


iFolder Storage Provider 


If you have Novell iFolder® installed on your NetWare server, you can view or edit the following 
iFolder-specific configuration settings. 


Settings Description 


Root The name of the root directory for iFolder. The root iFolder directory is a virtual 
directory, and changing it will change the iFolder directory name users see when 
accessing their files and directories on the iFolder server. The default is iFolder. 


Passphrase Form Default is HTTPS. This field should not be changed unless you want users’ 
Protocol passphrases to be sent in clear text. 
iFolder Server The DNS name and port number for the iFolder server. This setting shouldn’t need 


to be changed unless you are changing the iFolder server your users will access. 


If you click the Set Defaults button, the value will be set to whatever value appears 
in the Default Value column. If there is no value in the Default Value column, the 
value will be set to blank (no value). 
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Settings 


Secure Port 


Debug Level 


NetWare Storage Provider 


Settings 


Home Name 


Drive Name 


Debug Level 


Public Directory Name 


Description 


The port number that HTTPS is running on. This setting normally does not need to 
be changed. The default is 443. 


This setting should not be changed except under direction from Novell. 


Description 


This text will be displayed on the NetStorage Web page and will be followed by the 
tree name and path to the user’s home directory. The user might have home 
directories in multiple trees, in which case multiple paths will be displayed. 


The default is Home@. You might want to change this if you want to reference 
home directories with a different word or in a language other than English. See the 
"Alternate Tree Name" for more information on configuring NetStorage to display 
multiple home directories. 


This text will be displayed on the NetStorage Web page and will include the drive 
letter being referenced followed by the path to the mapped drive. The user’s login 
script on the Primary tree is parsed by NetStorage to gather information on 
mapped drives. You might want to change this if you want to use a different word 
or words to reference mapped drives on the NetStorage Web page. 


This setting should not be changed except under direction from Novell. 


This registry key provides a way for any NetStorage user to make documents or 
files available to other NetStorage users. 


A public directory can be automatically created in each user’s home directory by 
NetStorage. If public directories are created by NetStorage, all users in the same 
eDirectory context will have Read and File Scan rights to the other users’ public 

directories. 


If you don’t want public directories created in users’ home directories, leave this 
field blank (the default). 


If you want public directories created in users’ home directories, enter the name for 
the public directories. For example, if you specify My Public Files as the name for 
the public directories, a folder named My Public Files will be created at the root of 
each user’s home directory the first time the user logs in using NetStorage. 


To access a public directory, users need to add ~username at the end of the URL 
used to access NetStorage. For example if you want to access the public directory 
for a user named jsmith, you might specify a URL similar to http://file.i-login.net/ 
oneNet/NetStorage/~jsmith. 
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Settings 


Alternate Tree Name 


Container Search 
Height 


Home Dirs 


Check MAP Drives 


Current Sessions 


Description 


When a user’s home directory is displayed by NetStorage, the name of the 
eDirectory tree is also displayed. With this configuration field, you can substitute 
the tree name that users see in NetStorage to something that might be more 
intuitive. For example, if the tree name is SERVICES 2 and you want users to see 
i-Login, you would type SERVICES2/i-Login in this configuration field. The 
eDirectory tree name and the substitute name are separated with a slash (/). 


NetStorage can access user home directories in multiple eDirectory trees. If you 
want to substitute eDirectory tree names in more than one tree, separate those 
tree name substitutions with a comma. An example of this is SERVICES2/i- 
Login, SERVEME2/Staging. 


Specifies the number of container levels (from where the User object is located) 
that NetStorage will search up in the eDirectory tree for the container login script. 
The default is 1, which is the same level used by Novell Client™ software. 


If you specify a number greater than the number of container levels in the 
eDirectory tree, NetStorage will search up to and including the root container in the 
tree. If you specify 0, NetStorage will only search the container where the User 
object is located. 


Specifies if home directories are to be processed. The default is 1, meaning that 
they will be processed. If you specify 0, no home directories will be processed or 
displayed to the user. 


Specifies if mapped drives (from login script MAP statements) are checked when 
the user logs in. The default is 0, meaning that mapped drives are not checked and 
all mapped drives are displayed to the user. If the user attempts to access a 
mapped drive pointing to a directory that does not exist or that the user does not 
have access rights to, an error occurs. 


If you specify 1, each mapped drive is checked at login and map drives that do not 
exist or that the user does not have access to are not displayed. 


Displays a report with information on the current NetStorage sessions. 


Resource Usage 


Displays a detailed report of resource utilization for NetStorage. 


Statistics 


Displays a report with information about server up time, login failures, number of NetStorage 


sessions, etc. 


What’s Next 


After you have configured NetStorage, inform users that they can access their files from the Web. 
Instructions for accessing files using NetStorage are available in Chapter 5, “Accessing 
NetStorage,” on page 21. 
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Slow Login 


Configuring 


Troubleshooting NetStorage 


This section contains information on common troubleshooting issues. In addition to this 
information, additional information is located in Technical Information Documents (TIDs) 
available in the Knowledgebase on the Novell Technical Support Web site (http:// 
support.novell.com). 


The most common cause of a slow login to NetStorage is large or poorly configured login scripts. 
When a user authenticates to the Primary Authentication domain, all applicable login scripts for 
that user object are processed. The more commands executed, the longer the login process. 


Invalid authentication domains can also slow the login process. After the user has been 
authenticated to the Primary authentication domain, the same username and password will be used 
to authenticate to any Secondary authentication domains. Authentication failure on any of these 
domains will slow logins. Users can successfully authenticate to the Primary Authentication 
domain and fail at each of the secondary domains. 


It is helpful to determine if slow logins are global (all users) or specific to a given user object. If 
all users are affected, it is more likely to be a problem with the XTier authentication domain 
configuration. If a single user or groups of users are affected, check all login scripts that apply to 
that user or group. A problem with a context's login script can affect a large number of users. 
Mapping out which scripts apply to which users can help narrow the problem. 


For more information on how NetStorage works with Login Scripts, see "Understanding How 
Login Scripts Work with NetStorage (http://www.novell.com/documentation/lg/noclienu/ 
index.html?page=/documentation/lg/noclienu/login/data/ajikjj4.html)" in the Novell Login Scripts 
Guide. 


LDAP Contextless Login for use with NetStorage 


When configuring LDAP contextless login, consider the following issues. 


Primary Authentication Domain: The user must be authenticated to the Primary Authentication 
domain (an eDirectory server with a replica). You may provide more than one context in the 
Primary Authentication domain resulting in each context being searched for the presence of the 
user. The search is performed using an LDAP search of the configured contexts. 


Secondary Authentication Domain: After the user has been authenticated to the Primary 
authentication domain, the same username and password will be used to authenticate to any 
Secondary authentication domains. The search is performed using an LDAP search of the 
configured contexts for that domain. If authentication to any Secondary domains is unsuccessful, 
the user is still authenticated to the Primary authentication domain. Authentication failure on a 
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Secondary domain can cause a delay in the login process and is one of the most common causes 
of slow logins to NetStorage. 


Enable Clear Text Passwords: Passwords are encrypted in NetWare 6.5 so Enable Clear Text 
Passwords should not be selected on the LDAP Group object. LDAP will need read and browse 
rights to the entire tree. By default, when a user performs an anonymous bind (doesn't specify a 
password), a special object in the directory calculates access control for that user. This object is 
termed [Public]. By default, this object can browse the entire tree hierarchy and read a limited 
number of attributes on entries. The attributes that [Public] can read are those that have the X- 
NDS_PUBLIC_READ option set to true. Because passwords are encrypted, the proxy username 
and passwords might not look correct. 


If you'd like to have an anonymous bind use a different object in the tree, you can specify that 
object in the Proxy Username field. By doing this, you can restrict the types of objects and 
attributes that anonymous users can access by setting the appropriate access controls on the proxy 
user object. The proxy username must be a distinguished name. To easily select an object, click 
the directory browser button to the right of the text field on the LDAP Group Object. A dialog box 
appears that allows you to choose an object in the tree. Any NDS user object can be used and 
anonymous access will assume the NDS rights of that user. 


IMPORTANT: A proxy user must have a blank password in order to work correctly. This is very different from 
having NO password. If any user has no password, then they do not have a public/private key pair to compare 
against when attempting login. A blank password will generate a public/private key pair, although the actual 
string for the password is empty. To set a blank password, go into ConsoleOne and click on the Restrictions 
tabpage. Then click on Change Password. Without typing anything, click Set Password. This will set the 
password to an empty string. (still true?) 


Novell iFolder and NetStorage 


When troubleshooting a NetStorage and Novell iFolder® issue, it is important to first determine if 
it is a NetStorage problem or an iFolder problem. It is easy to spend a great deal of time working 
the problem from the NetStorage end only to find that the user cannot access iFolder directly. A 
few simple tips can help speed the identification of the problem. 


1. Take NetStorage out of the equation. Make sure the User can successfully log into iFolder 
with the iFolder client or applet. If login is unsuccessful, the problem is with iFolder and 
should be addressed there. If the user successfully logs in to iFolder, begin troubleshooting 
the NetStorage application. 


2. Enable debugging for the iFolder Storage Provider. In iManager, click iFolder Storage 
Provider and change the Debug Level from 0 (default) to FFFFFFFF, then restart the server. 
Log in to NetStorage and attempt to access iFolder. The server logger screen will now display 
all warnings and errors related to the iFolder Provider. 


3. Create a new user for testing. Some problems are user-specific and some problems affect all 
users. Creating a test user can help to determine this. When creating a test user for 
troubleshooting, login scripts and home directories are not needed. 


Other Useful TIDs 


Tid # 10076634 NetStorage Error: Passphrase could not be set 
Tid # 10066482 Configuring Novell NetWare 6 NetStorage for a clustered volume 
Tid # 10071930 Can't single-sign on to NetStorage through iChain 
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Accessing NetStorage 


To access NetStorage from a workstation, do the following: 
1 Start your browser or Microsoft Web Folders and specify the URL for NetStorage. 


The URL is http://server_ip_address/oneNet/NetStorage/. Replace server_ip_address with 
the IP address or DNS name of the server running NetStorage or the IP address for Apache- 
based services. If Apache-based services use a port other than 80, you must also specify that 
port number with the URL. 


For example, if the IP address for NetStorage is 127.1.1.1 and the port number is 51080, then 
you would specify 127.1.1.1:51080/oneNet/NetStorage/. 


The date and time on the workstation being used to access NetStorage should be reasonably 
close (within a few hours) to the date and time on the server running NetStorage to avoid 
conflicts. 


2 Enter your username and password. 


NetStorage uses your eDirectory™ username and password, so you don’t need to remember 
or use a separate username or password. 


Based on how NetStorage has been configured, the NetStorage Web page displays the network 
files and folders you have access to. NetStorage reads your NetWare® login script to determine 
drive mappings, reads eDirectory User object properties to determine your home directory, then 
displays a list of files and folders based on mapped drives and home directories. If you usually log 
in to more than one eDirectory tree, you might have access to additional home directories in 
different eDirectory trees. If you have a Novell® iFolder® account, this account is also displayed. 
However, some NetStorage features such as Download for Editing are not available with Novell 
iFolder. 


You can use many ofthe same conventions for expanding and contracting folders and opening files 
that are available in Windows Explorer. To create new folders or copy, delete, rename, move, or 
download existing files using a browser, click the File menu. 


Description: NetStorage folder view 
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Novell. 


User: bsmith. boston, digital Loca NetStorage 

Modifie 
02/11/2003 8:40 AM 
02/11/2003 10:38 AM 
02/10/2003 10:43 AM 
02/10/2003 10:51 AM 
02/11/2003 8:39 AM 
02/11/2003 8:39 AM 








Clicking the Folder View button in the browser window displays folders in another column and 
lets you expand and contract folders. The Text View only displays the files and folders in the 
current directory and does not let you expand or contract folders. 


Local files and folders are not accessible using NetStorage. Also, you cannot map drives or change 
login scripts from NetStorage. 
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